Re: UnixWare

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Ron McDowell: "Re: UnixWare"
• Previous message: der Mouse: "Re: UnixWare"
• In reply to: John Macdonald: "Re: UnixWare"

John Macdonald says:
> Well there are certainly configuration problems that can
> break security that do not involve setuid.  General write
> (or even read) permissions on /dev/mem or /dev/kmem is
> one example.  Write permission on /etc/passwd amongst many
> important files and directories is another.

Certainly that is the case. No one doubted it. I in fact explicitly
mentioned such cases in my initial message. The original question was
"how do I make my public access unix system secure"?

I stated that security bugs could be traced 99% of the time to

-- Bad file permissions
-- Improperly allowing access to devices or files like utmp or wtmp
-- SUID programs or programs running unnecessarily as root

Remove these problems, which you can do more or less mechanically,
from your public access unix system and its unlikely that anyone can
hack it any more.

With that, I'm laying this thread to rest.

Perry

• Next message: Ron McDowell: "Re: UnixWare"
• Previous message: der Mouse: "Re: UnixWare"
• In reply to: John Macdonald: "Re: UnixWare"